August 15, 2016

Fuzzing 101

This lecture covers fuzzing techniques for SDL, VR, 0-day hunting, and other applications. We discuss nuances and realities of bug hunting, testing, and bug fixing. Mutational, generational (aka model-based), and differential fuzzing are covered. Computer science theory is discussed in relation to computational and algorithmic limits on fuzzing. Test harness development and modification are discussed. Crash analysis is covered in depth, and finally, demonstrations of tools like the American Fuzzy Lop (AFL) fuzzer and lcov are presented.